slickit 0.2.0 - Docs.rs

name: Release slickit

on:
  push:
    tags: ['v*']
  workflow_dispatch:
    inputs:
      dry-run:
        description: "Dry run (skip actual publish)"
        type: boolean
        default: false

permissions:
  contents: read

jobs:
  # ── Test before publishing ────────────────────────────────────────
  test:
    name: Test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install Rust
        uses: dtolnay/rust-toolchain@stable

      - name: Run tests
        run: cargo test --all-features

      - name: Clippy
        run: cargo clippy --all-features -- -D warnings

  # ── Publish to crates.io ──────────────────────────────────────────
  crates:
    name: Publish to crates.io
    needs: [test]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install Rust
        uses: dtolnay/rust-toolchain@stable

      - name: Publish slickit
        if: ${{ !inputs.dry-run }}
        run: cargo publish --all-features || echo "Already published (idempotent)"
        env:
          CARGO_REGISTRY_TOKEN: ${{ secrets.CARGO_REGISTRY_TOKEN }}

      - name: Dry run
        if: ${{ inputs.dry-run }}
        run: cargo publish --all-features --dry-run

  # ── Build Python wheels for each platform ─────────────────────────
  build:
    name: Build wheels (${{ matrix.target }})
    needs: [test]
    runs-on: ${{ matrix.os }}
    strategy:
      fail-fast: false
      matrix:
        include:
          # macOS
          - os: macos-latest
            target: aarch64-apple-darwin
          - os: macos-latest
            target: x86_64-apple-darwin
          # Linux
          - os: ubuntu-latest
            target: x86_64-unknown-linux-gnu
          - os: ubuntu-latest
            target: aarch64-unknown-linux-gnu
          # Windows
          - os: windows-latest
            target: x86_64-pc-windows-msvc

    steps:
      - uses: actions/checkout@v4

      - name: Setup Python
        uses: actions/setup-python@v5
        with:
          python-version: "3.12"

      - name: Build wheel
        uses: PyO3/maturin-action@v1
        with:
          target: ${{ matrix.target }}
          args: --release --out dist -i python3.12
          manylinux: auto
          working-directory: crusts/python

      - name: Upload wheel
        uses: actions/upload-artifact@v4
        with:
          name: wheel-${{ matrix.target }}
          path: crusts/python/dist/*.whl

  # ── Build sdist ───────────────────────────────────────────────────
  sdist:
    name: Build sdist
    needs: [test]
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Build sdist
        uses: PyO3/maturin-action@v1
        with:
          command: sdist
          args: --out dist
          working-directory: crusts/python

      - name: Upload sdist
        uses: actions/upload-artifact@v4
        with:
          name: sdist
          path: crusts/python/dist/*.tar.gz

  # ── Publish to PyPI ───────────────────────────────────────────────
  pypi:
    name: Publish to PyPI
    needs: [build, sdist]
    runs-on: ubuntu-latest
    permissions:
      id-token: write  # trusted publisher OIDC

    steps:
      - name: Download all artifacts
        uses: actions/download-artifact@v4
        with:
          path: dist
          merge-multiple: true

      - name: List artifacts
        run: ls -la dist/

      - name: Publish to PyPI
        if: ${{ !inputs.dry-run }}
        uses: pypa/gh-action-pypi-publish@release/v1
        with:
          packages-dir: dist/

      - name: Dry run
        if: ${{ inputs.dry-run }}
        run: echo "Dry run — skipping PyPI publish"

  # ── Build and publish to npm ──────────────────────────────────────
  # Disabled: npm 2FA/org setup blocking publish. Re-enable when sorted.
  # npm:
  #   name: Publish to npm
  #   needs: [test]
  #   runs-on: ubuntu-latest
  #   permissions:
  #     contents: read
  #     id-token: write
  #   steps:
  #     - uses: actions/checkout@v4
  #     - uses: dtolnay/rust-toolchain@stable
  #     - run: curl https://rustwasm.github.io/wasm-pack/installer/init.sh -sSf | sh
  #     - run: wasm-pack build --target web
  #       working-directory: crusts/wasm
  #     - working-directory: crusts/wasm/pkg
  #       run: jq '.name = "slickit"' package.json > tmp.json && mv tmp.json package.json
  #     - uses: actions/setup-node@v4
  #       with:
  #         node-version: "22"
  #         registry-url: "https://registry.npmjs.org"
  #     - if: ${{ !inputs.dry-run }}
  #       run: npm publish --access public --provenance
  #       working-directory: crusts/wasm/pkg
  #       env:
  #         NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}